I am using datastax opscenter 6.0 for DSE Cassandra Monitoring. Configuration is done to send SNMP trap but Trap receiver ( HP Openview in this case ) is not receiving this alert.
I don't see any SNMP realted errors in opscenter logfile. How do I trace the exact error?
Here is my snmp.conf file:
[snmp]
# set to 1 to enable SNMP trap sending
enabled=1
# Levels can be a comma-delimited list of any of the following:
# DEBUG,INFO,WARN,ERROR,CRITICAL,ALERT
# If the left is empty, OpsCenter will listen for all levels.
levels=ALERT
# Comma-delimited list of cluster names for which
# this alert config will be eligible to run.
# If left empty, this alert will be called for events on all clusters.
clusters=
# SNMP engine ID, specified by rfc3411 and rfc5343.
# See http://tools.ietf.org/html/rfc3411#section-5
# SnmpEngineID definition for more information.
#
# 32 octet (max length) unique hex engine ID. Must not be all zeroes or all
# 255's. The first four octets specify the enterprise ID, left filled
# with zeroes and starting with an 8. The fifth octet specifies a format scheme
# that specifies the nature of the remaining octets. The remaining octets
# are given in accordance with the specified format.
#
# Format Schemes:
# 1 -- IPv4 Address scheme
# 2 -- IPv6 Address scheme
# 3 -- MAC Address scheme
# 4 -- Text Address scheme
# 5 -- Octets scheme
#
# Default scheme is octets scheme; if nothing else, you should change
# 01020304 to a unique octet string.
#engine_id=80:00:00:00:05:01:02:03:04
# IPv4 address of the SNMP target.
target_ip=*.*.*.* ( commented due to security urpose )
# Port to direct traps to on the SNMP target.
target_port=162
# Set to 1 to use SNMPv3 and the user/privacy key/auth key model. Set to 0 to
# use SNMPv1/community model.
use_snmpv3=0
# SNMPv1/2 community name (for community security model)
community_name=public
# SNMPv3 username
#user=opscusername
# SNMPv3 authentication protocol
# Options:
# MD5 -- MD5-based authentication protocol
# SHA -- SHA-based authentication protocol
# NoAuth -- no authentication to use
#auth_protocol=SHA
# SNMPv3 authentication key
#auth_key=authkey1
# SNMPv3 privacy protocol
# Options:
# DES -- DES-based encryption protocol
# AES -- AES128-based encryption protocol (RFC3826)
# 3DES -- triple DES-based encryption protocol (Extended Security Options)
# AES192 -- AES192-based encryption protocol (Extended Security Options)
# AES256 -- AES256-based encryption protocol (Extended Security Options)
# NoPriv-- no encryption to use
#privacy_protocol=AES
# SNMPv3 privacy key
#privacy_key=privkey1
Try setting levels=ALERT to levels= and make sure its not just that your filtering the events your looking for first (can turn it back once have it working like you want, just easier to see more things).
Can use wireshark or tcpdump to check if the trap is being sent with something like:
tcpdump -i eth1 -T snmp "(port 161 or 162)"
(note: eth1 may need to be replaced with your interface name). SNMP clients can be a little bit of a pita in being setup correctly as well, so good to check if they are being sent and not handled vs not sent.
Related
The sk_buff has a member ip_summed commented with
#ip_summed: Driver fed us an IP checksum
It seems to indicate the checksum status of IP/L3 layer from its name.
But according to it's possible value such as:
CHECKSUM_UNNECESSARY
The hardware you’re dealing with doesn’t calculate the full checksum (as in CHECKSUM_COMPLETE), but it does parse headers and verify checksums for specific protocols. For such packets it will set CHECKSUM_UNNECESSARY if their checksums are okay. sk_buff.csum is still undefined in this case though. A driver or device must never modify the checksum field in the packet even if checksum is verified.
CHECKSUM_UNNECESSARY is applicable to following protocols:
TCP: IPv6 and IPv4.
UDP: IPv4 and IPv6. A device may apply CHECKSUM_UNNECESSARY to a zero UDP checksum for either IPv4 or IPv6, the networking stack may perform further validation in this case.
GRE: only if the checksum is present in the header.
SCTP: indicates the CRC in SCTP header has been validated.
FCOE: indicates the CRC in FC frame has been validated.
in https://docs.kernel.org/networking/skbuff.html it seems to indicate the checksum status of L4 layer.
Besides, in ip_rcv() it seems the ip_summed is not used before calculating the checksum of IP header.
So is there any reason the member is named as ip_summed rather than l4_summed (maybe)?
We believe this was added as an optimization to skip computing and
verifying checksums for communication between containers. However, locally
generated packets have ip_summed == CHECKSUM_PARTIAL, so the code as
written does nothing for them. As far as we can tell, after removing this
code, these packets are transmitted from one stack to another unmodified
(tcpdump shows invalid checksums on both sides, as expected), and they are
delivered correctly to applications. We didn’t test every possible network
configuration, but we tried a few common ones such as bridging containers,
using NAT between the host and a container, and routing from hardware
devices to containers. We have effectively deployed this in production at
Twitter (by disabling RX checksum offloading on veth devices).
if (skb->ip_summed == CHECKSUM_COMPLETE)
skb->csum = csum_block_sub(skb->csum,
csum_partial(start, len, 0), off);
else if (skb->ip_summed == CHECKSUM_PARTIAL &&
skb_checksum_start_offset(skb) < 0)
skb->ip_summed = CHECKSUM_NONE;
i want to set and get temperature of serial device (testequity1000) by using pyserial but not able to communicate.
cable used RS232
python 3.7
import serial
port = 'COM20'
` serial_comunication = serial.Serial(port, baudrate=9600, timeout=1)
answer = serial_comunication.read(400)
print(answer)
NEW_TEMPERATURE=45
set_temp=serial_comunication.write(b'NEW_TEMPERATURE')
print(set_temp)
abc=serial_comunication.close()
print(abc)
results:
b''
15
None
can't understand these result
Your device seems to be able to communicate on the RS232 bus but you have to use Modbus instead of the raw serial.
Quoting from the manual:
The F4 Temperature Controller has an RS-232C interface. A DB-9
connector is located on the rear panel. It is wired to accommodate a
null-modem cable. To communicate with the controller from a PC, you
need to run software that uses the Modbus RTU protocol. Each
controller function has a “register” number which can be read or
written to (when applicable). These registers are listed Chapter Seven
of the “Series F4 User’s Manual”. RS-232C Modbus programming resources
and LabVIEW drivers can be downloaded from
http://chamber.testequity.com/rs232.html
Common Modbus Registers
-Actual chamber temperature reading is register 100 (Input 1 Value).
-Actual chamber humidity reading is register 104 (Input 2 Value).
-Static temperature set point is register 300 (Set Point 1).
-Static humidity set point is register 319 (Set Point 2). •
-Temperature set point during a profile is register 4122 (Set Point 1, Current Profile Status).
-Humidity set point during a profile is register 4123 (Set Point 2, Current Profile Status).
-Decimal points are implied. For example, 1005 is actually 100.5 and -230 is -23.0.
Based on these details you can use pymodbus instead. A good starting point is this example.
You can install the package with: pip install pymodbus
So, if you want to read the Actual Chamber Temperature you need to write something similar to this:
#!/usr/bin/env python
# Pymodbus Synchronous Client Examples
# --------------------------------------------------------------------------- #
# import the various server implementations
# --------------------------------------------------------------------------- #
from pymodbus.client.sync import ModbusSerialClient as ModbusClient
# --------------------------------------------------------------------------- #
# configure the client logging
# --------------------------------------------------------------------------- #
import logging
FORMAT = ('%(asctime)-15s %(threadName)-15s '
'%(levelname)-8s %(module)-15s:%(lineno)-8s %(message)s')
logging.basicConfig(format=FORMAT)
log = logging.getLogger()
log.setLevel(logging.DEBUG)
UNIT = 0x1
# ------------------------------------------------------------------------#
# choose the client you want
# ------------------------------------------------------------------------#
client = ModbusClient(method='rtu', port='COM20', timeout=1, baudrate=19200)
client.connect()
# ----------------------------------------------------------------------- #
# example requests
# ----------------------------------------------------------------------- #
rr = client.read_holding_registers(100, 1, unit=UNIT) #Actual chamber temperature reading
print(rr.registers[0])
# ----------------------------------------------------------------------- #
# close the client
# ----------------------------------------------------------------------- #
client.close()
You might need to change the default baudrate (according to the manual 19200) and/or the Modbus UNIT ID (UNIT 1 is the default value).
Hello I actually just finished using a little something in python. TestEquity chamber for the RS-232 you need to use modbus RTU protocol.
I'm using minimalmodbus. The other thing is that you need to make sure that you are using a null modem Tx and Rx need to be swapped in the DB9 connector.
Check the baudrate and slave address in setup, communications.
My code is here:
import minimalmodbus
TE1007C = minimalmodbus.Instrument("COM5", 1)
# Set baudrate
TE1007C.serial.baudrate = 9600
temp = TE1007C.read_register(100, 1, signed=True)
print(temp)
To set a temperature use write_register(). There are other registers that can be use.
I'm trying to transport over a gretap tunnel between two Linux (Centos 6) hosts some cloned IP pkts in order to feed an IDS style device.
Given that PMTU discovery will not work on the cloned pkts I'm trying to transport I have to find a way to clear the DF bit in the header of the GRE pkt, so that it can be fragmented by the sending host and re-assembled at the other end. Otherwise largish pkts (... near the 1500 bytes nmark) will be silently dropped, after the GRE overhead is added.
I've found a working solution that involves configuring an iptables plugin in order to clear the said DF bit, but that solution is a bit too convoluted. See here: http://backreference.org/2013/07/23/gre-bridging-ipsec-and-nfqueue/ .
I had a peek at the source code of net/ipv4/ip_gre.c and in there I've found these interesting lines (around line 432 from here: https://github.com/torvalds/linux/blob/master/net/ipv4/ip_gre.c ):
df = key->tun_flags & TUNNEL_DONT_FRAGMENT ? htons(IP_DF) : 0;
iptunnel_xmit(skb->sk, rt, skb, fl.saddr, key->u.ipv4.dst, IPPROTO_GRE,
key->tos, key->ttl, df, false);
return;
The first line in particular seems to enable some logic to conditionally set the DF bit on the outgoing GRE pkt. Assuming I understand the code correctly, that would allow pkts to leave my Linux host without a DF bit set, which should in turn allow for fragmentation.
I've been trying to figure out how I could set the value of key->tun_flags, so that the conditional statement results in a "0" but I couldn't find any CLU that would allow me to do that (ip li, ifconfig, udevadm, etc...).
Does anybody know how the value of key->tun_flags can be manipulated?
"man 8 ip-tunnel"
ignore-df
enable IPv4 DF suppression on this tunnel.
Normally datagrams that exceed the MTU will be
fragmented; the presence of the DF flag inhibits
this, resulting instead in an ICMP Unreachable
(Fragmentation Required) message. Enabling this
attribute causes the DF flag to be ignored.
For example:
ip link add gretap1 type gretap remote xxx.yyy.zzz.ppp ignore-df nopmtudisc
will remove the DF flag. Note that you must also set nopmtudisc option, see https://bugzilla.kernel.org/show_bug.cgi?id=14837, final comment.
A kernel version greater than v5.10.10 is required to support the ignore-df option.
i have a question to the output of iwlist scan. for instance i have the following result.
There are multiple entries with IE. What does the IE stand for? Becasue there are multiple entries i guess there are different encryption options for this Wifi. What are all options can be displayed there? "WPA Version 1","IEEE 802.11i/WPA2 Version 1","unkonw" what is about WEP? Or EAP? How this will be displayed?
Cell 01 - Address: 00:1F:F3:02:04:81
ESSID:"Apple Network"
Mode:Master
Channel:1
Frequency:2.412 GHz (Channel 1)
Quality=42/100 Signal level:-84 dBm Noise level=-127 dBm
Encryption key:on
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: Unknown: 2D1A2C0217FFFF000000000000000000000000000000000000000000
IE : Information Elements
Refer to Management Frames,
Management frames are quite flexible. Most of the data contained in
the frame body uses fixed-length fields called fixed fields and
variable-length fields called information elements. Information elements are blobs of data of varying size. Each data blob
is tagged with a type number and a size, and it is understood that an
information element of a certain type has its data field interpreted
in a certain way. New information elements can be defined by newer
revisions to the 802.11 specification;
IEEE 802.11i-2004 is standard that specifies security mechanisms for wireless networks.
Wi-Fi Protected Access (WPA) is security protocol and security certification program.
sorry I can't find iwlist result with WEP and EAP.....
How about use iw command? The n mode on “iwlist wlan0 scan”
Here is my issue:
A) I'm a scripting newbie
B) I have a file where I need the data separated into a CSV style table, I problem is there are three areas of data (see below):
(Area 1, not relevant) Total IPv4 packets captured: 2245686
# L4 Protocol # Packets Relative Frequency[%] Protocol description
1 5602 0.249456 Internet Control Message Protocol
.... (more data here)
(Area 2, relevant) Total TCP packets: 2238186
# Port # Packets Relative Frequency[%] Protocol description
22 2138555 95.548583 The Secure Shell (SSH) Protocol
.... (more data here)
(Area 3, relevant) Total UDP packets: 1623
# Port # Packets Relative Frequency[%] Protocol description
.... (more data here)
(Area 4, relevant) Total SCP packets: 0
# Port # Packets Relative Frequency[%] Protocol description
.... (more data here)
(This is a Tranalyzer _protocols output)
So what I need to do is make the output look like:
# Port,# Packets,Relative Frequency[%],Protocol description
22,2138555,95.548583,The Secure Shell (SSH) Protocol,(more data...)
but I also need to take the data from each area and put it in a separate CSV file (TCP, UDP, SCP) so that for all flows I put in the table (each in a different _protocols file in different subdirectories) the data can go into one of these 3 files and build what will be a memory-crushing spreadsheet (hence why a CSV.)
I'm also completely open to any other way to represent this anyone can suggest.
Much appreciated!
Following command will extract and convert the data file to a csv.
Change x to TCP, UDP or SCP to extract particular set of data.
Change <analyzer_output.txt> to proper file name before executing.
x="SCP"; \
cat <analyzer_output.txt> | sed "1,/^Total $x/d; /^Total /,\$d; /^\s*$/d" | \
sed 's/\([0-9]\)\s\+\([0-9]\)/\1,\2/g; s/\([0-9]\)\s\+\([A-Za-z]\)/\1,\2/g' \
> $x.csv
Resulting SCP.csv file for below sample data
41,2138555,95.548583,The Secure Shell (SSH) Protocol
42,2138555,95.548583,The Secure Shell (SSH) Protocol
Sample data file
Total IPv4 packets captured: 2245686
1 5602 0.249456 Internet Control Message Protocol
2 5602 0.249456 Internet Control Message Protocol
Total TCP packets: 2238186
21 2138555 95.548583 The Secure Shell (SSH) Protocol
22 2138555 95.548583 The Secure Shell (SSH) Protocol
Total UDP packets: 1623
31 2138555 95.548583 The Secure Shell (SSH) Protocol
32 2138555 95.548583 The Secure Shell (SSH) Protocol
Total SCP packets: 0
41 2138555 95.548583 The Secure Shell (SSH) Protocol
42 2138555 95.548583 The Secure Shell (SSH) Protocol